Put groups_direct field in CI JWT tokens behind feature flag
All threads resolved!
All threads resolved!
Compare changes
Files
4-
In GitLab 16.11 !146881 introduced the `groups_direct` fields for CI JWT tokens used in the Vault integration. However, since JWT tokens are often sent in the `Authorization` HTTP header, the addition of the `groups_direct` field can cause the header to exceed the maximum allowed header size of Web/proxy servers. To avoid this issue, put this `groups_direct` field behind a `ci_jwt_groups_direct` feature flag while we figure out the best way to handle this. Relates to #467253 Changelog: changed
+ 9
− 0